Qualifications:
BSc (Computer Science or Information Systems) – essential
CISSP/CISA/ CCSP advantageous
Beneficial MCSE (Security) or CompTIA Security+ qualification.
Knowledge and Experience:
3 to 5 years working experience in information security.
Knowledge of IT Security and Risk Management frameworks, policies, standards, and technologies ISO27001/2
Good understanding of Infrastructure Security controls and how to monitor and measure effectiveness.
The ability to define problems, collect data, establish facts, and draw valid conclusions
Malware Management Knowledge.
Vulnerability and Patch Management.
Understanding of Identity and Access Management processes and controls.
Global Threats understanding
System and network exploitation, attack pathologies and intrusion techniques (such as denial of service, sync attacks, malicious code, password cracking, etc.).
Technical understanding/skill set in Linux, Java, Windows.
Demonstrate and understanding of Networking/Firewalling Knowledge and TCP/IP
Good understanding of Infrastructure Security controls and how to monitor and measure effectiveness
OS/Application VM Knowledge
Web monitoring solutions
Data leakage on end points
Virtual server protection
Database monitoring
Desktop Firewall and IPS solutions
Key responsibilities:
Participate in IT security projects aimed at improving IT security in the PPS environment.
Participate during the planned and unplanned IT systems recovery process through recovering the IT.
Stay current with IT security knowledge and skills to maintain professional expertise and relevant.
Keep abreast of changes in the standards, technologies or methodologies and threats
Understating of the Incident Management Processes to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained.
Management of the anti-malware products in the environment or similar products
Management of Data Loss Prevention systems
Provide input to monitoring and logging requirements of new infrastructure components and new systems
Management of the security information and event management (SIEM) services
Providing guidelines for intrusion prevention and detection mechanisms which safeguard against hacker vulnerability, unauthorized user access
Promote user awareness of information security requirements and practices
Prepare draft reports for discussion with information and system owners.
Assist with Information Classification processes.
Define and implement new review processes as required.
Document issues and risks and escalate to Information and system owners.
Liaise with Information owners re the status of controls on information assets.
Liaise with Information Security Manager and other stakeholders on findings and rectification actions.
Providing critical input into the disaster recovery and business continuity plans to reflect and address changes in the IT environment
Strategic Orientation
Astute knowledge and understanding of the PPS vision, strategy, and customer/member value proposition.
Is creative and innovative and always seeks opportunities for ongoing improvement of the relationship between the team and various stakeholders.
Ability to manage multiple priorities effectively within a fast-paced environment.
Excellent organizational skills and string attention to detail.
Communication
Strong ability to communicate effectively with all stakeholders face-to-face or electronically
Is articulate and communicates in a logical way and structures information to meet the needs and understanding of intended audiences
Expresses opinions, information, and key points of view clearly and assertively
Is confident in conceptualizing, building, and presenting plans related presentations
Anticipates and responds appropriately to the needs, reactions, and feedback of an audience
Good networker
Open, flowing communication is important
Position requires working with and through others, especially in a helping role
There is a need for a persuasive, “selling” (rather than “telling”) communication style
Commercial Acumen
Strong knowledge of IT Security Standards and Best Practices
Computer Literacy
Good computer skills in Microsoft Word, and Excel is essential